CVE-2026-44628
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk31th percentile — higher than 31% of all known CVEs
Summary
An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record.
Risk Assessment
The attack can cause the worklist server to crash, preventing medical task processing and potentially affecting system availability.
Recommendation
Immediately update the worklist server software to a patched version. Until then, restrict access to trusted networks only.
Original NVD description (English source)
An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record.

